800-818-7199 diy@diypbx.com

Video 20: How to Set-up Fail2Ban, IPTables and Troubleshooting

fail2ban is a service that monitors failed authentication attempts. Its purpose is to provide extra protection when you need to open your firewall, by banning IPs that repeatedly try to log in with incorrect passwords.

1. Pull up your terminal and SSH into your server > Login to your DIYPBX phone system

  • Type in “iptables -L -n” to list your IPTables rules.

2. To test this, log out of the SSH session you opened in the step above

  • Attempt to log in again multiple times.
  • You will receive an error message “Permission denied, please try again.”
  • After several attempts you will be banned, indicated by the error message “connect to host port … Connection refused”, and the server will no longer respond to your login attempts.

3. To fix this, browse to the DigitalOcean droplet running your DIYPBX phone system and unban your IP address

  • Open the droplet’s console (it connects from a different IP address than yours, so it is not banned)
  • Type in “iptables -L -n” to list your IPTables rules
  • Note that your IP should show as banned, indicated by “REJECT” listed next to it
  • Type in “fail2ban-client status” to see the jails that are configured for fail2ban
  • Type in “fail2ban-client set ssh-iptables unbanip <your IP address>” to lift the ban
  • Type in “iptables -L -n” to list your IPTables rules; your IP will no longer be listed as banned

4. Pull up your terminal and SSH into your server > You should now be able to log back into your DIYPBX phone system

  • Type in “iptables -L -n” to list your IPTables rules
  • Each type of login has a separate jail (e.g. your phone registering, logging into your FreePBX server, etc.)
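The check-and-unban sequence of steps 3 and 4, as an added shell example that is not part of the DIYPBX video or of fail2ban itself: it parses constructed sample output of “iptables -L -n” and “fail2ban-client status ssh-iptables” to tell whether an address is banned, and prints the command that lifts the ban. The jail name ssh-iptables comes from the tutorial; 203.0.113.5 is a documentation-range placeholder address.

```shell
#!/bin/sh
# Constructed sample of "iptables -L -n" where fail2ban has banned one address.
SAMPLE_IPTABLES='Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-SSH  tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain fail2ban-SSH (1 references)
target     prot opt source               destination
REJECT     all  --  203.0.113.5          0.0.0.0/0            reject-with icmp-port-unreachable
RETURN     all  --  0.0.0.0/0            0.0.0.0/0'

# Constructed sample of "fail2ban-client status ssh-iptables".
SAMPLE_JAIL_STATUS='Status for the jail: ssh-iptables
|- Filter
|  |- Currently failed: 1
|  |- Total failed:     7
|  `- File list:        /var/log/secure
`- Actions
   |- Currently banned: 1
   |- Total banned:     1
   `- Banned IP list:   203.0.113.5'

# ip_is_blocked IP RULES: succeed if IP is the source of a REJECT or DROP rule.
# In "iptables -L -n" output the columns are target, prot, opt, source, dest.
ip_is_blocked() {
  printf '%s\n' "$2" | awk -v ip="$1" '
    ($1 == "REJECT" || $1 == "DROP") && $4 == ip { found = 1 }
    END { exit found ? 0 : 1 }'
}

# banned_ips STATUS: print the addresses on the "Banned IP list" line.
banned_ips() {
  printf '%s\n' "$1" | awk -F': *' '/Banned IP list:/ { print $2 }'
}

# unban_command JAIL IP: the fail2ban-client command that lifts the ban
# (printed, not run; fail2ban then removes the matching iptables rule).
unban_command() {
  printf 'fail2ban-client set %s unbanip %s\n' "$1" "$2"
}

# Stand-alone run: report on one address, defaulting to the sample's banned IP.
ip="${1:-203.0.113.5}"
if ip_is_blocked "$ip" "$SAMPLE_IPTABLES"; then
  echo "$ip is rejected by iptables; jail ban list: $(banned_ips "$SAMPLE_JAIL_STATUS")"
  echo "to lift: $(unban_command ssh-iptables "$ip")"
else
  echo "$ip is not blocked"
fi
```

On a real server, replace the two sample strings with the live output of the commands (for example via command substitution) and run the printed unban command as root.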

What is Fail2Ban?

Fail2ban monitors log files for selected entries to protect your server against brute-force attacks. It bans any source (such as an IP address) that makes too many failed login attempts within a defined time period.

What are IPTables?

IPTables is the utility used to store and configure the rules of the Linux kernel firewall, which decide what traffic is allowed or blocked into or out of your server.